<?php
error_reporting ( E_ALL );
$PageSecurity = 14;
include_once ('includes/session.inc');
set_time_limit ( 0 );

$action = isset ( $_POST ['action'] ) ? $_POST ['action'] : '';

if ($action == 'getPartner') {
    $result = _single ( 'api/partner' )->GetAllPartner ( $_SESSION ['UserID'], $_SESSION ['Password'] );

    $data = '{"success":true';
    $data .= ',"data":[';
    $haveData = false;

    while ( $row = DB_fetch_array ( $result ) ) {
        $haveData = true;
        $data .= sprintf ( '{"partner_id":"%s","partner_number":"%s","partner_name":"%s"},', $row ['partner_id'], $row ['partner_number'], $row ['partner_name'] );
    }

    if ($haveData) {
        $data = substr ( $data, 0, strlen ( $data ) - 1 );
    }

    $data .= '],"count":"' . json_encode ( $total ) . '"}';
    echo $data;
} elseif ($action == 'getObject') {
    $total = 0;
    $condition = array ();
    if (! empty ( $_POST ['query'] ))
        $condition ['object_name'] = "'%" . DB_escape_string ( $_POST ['query'] ) . "%'";

    $result = _single ( 'api/object' )->loadObjects ( null, $_POST ['limit'], $_POST ['start'], $total, $_SESSION ['UserID'], $_SESSION ['Password'], $condition );

    $data = '{"success":true';
    $data .= ',"data":[';
    $haveData = false;

    while ( $row = DB_fetch_array ( $result ) ) {
        $haveData = true;
        $data .= sprintf ( '{"object_id":"%s","object_number":"%s","object_name":"%s"},', $row ['object_id'], $row ['object_number'], $row ['object_name'] );
    }

    if ($haveData) {
        $data = substr ( $data, 0, strlen ( $data ) - 1 );
    }

    $data .= '],"count":"' . json_encode ( $total ) . '"}';
    echo $data;
}
?>
